US11501018B2 - Network-compatible device - Google Patents

Network-compatible device Download PDF

Info

Publication number
US11501018B2
US11501018B2 US16/992,338 US202016992338A US11501018B2 US 11501018 B2 US11501018 B2 US 11501018B2 US 202016992338 A US202016992338 A US 202016992338A US 11501018 B2 US11501018 B2 US 11501018B2
Authority
US
United States
Prior art keywords
network
switching signal
compatible device
controller
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US16/992,338
Other languages
English (en)
Other versions
US20210056228A1 (en
Inventor
Gerrit Boysen
Andreas Fuss
Ingo HILGENKAMP
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Phoenix Contact GmbH and Co KG
Original Assignee
Phoenix Contact GmbH and Co KG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Phoenix Contact GmbH and Co KG filed Critical Phoenix Contact GmbH and Co KG
Assigned to PHOENIX CONTACT GMBH & CO. KG reassignment PHOENIX CONTACT GMBH & CO. KG ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: FUSS, ANDREAS, Hilgenkamp, Ingo, BOYSEN, GERRIT
Publication of US20210056228A1 publication Critical patent/US20210056228A1/en
Application granted granted Critical
Publication of US11501018B2 publication Critical patent/US11501018B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Definitions

  • the present disclosure relates to a network-capable device with a security function for destroying user data.
  • Network-compatible devices in particular network infrastructure components, are typically operated with a device configuration which has data worth protecting. For operational and/or legal reasons, it may be necessary to keep the data secret and/or to protect it against unauthorized access by third parties. In particular, if network-compatible devices are switched off or put out of operation or are used for a new purpose, it may not be guaranteed that the previous device configuration can no longer be read out and the data is protected accordingly.
  • the present disclosure is based on the knowledge that the above object can be solved by a network-capable device which has a security function.
  • the safer function can be performed manually and/or automatically triggered by an event, the user data being irretrievably deleted when the safety function is triggered.
  • the secure deletion prevents data from being read back from the memory cells.
  • the secure deletion of user data takes place immediately in the event of an automatic call of the safety function.
  • the network-compatible device becomes unusable in the context of the current application by calling the safety function, but can be put into operation again with a new configuration.
  • the disclosure relates network-compatible device with a security function for destroying user data.
  • the network-compatible device comprises a signal input which is designed to receive a configuration signal and a memory which is designed to store first user data.
  • the network-compatible device comprises a controller, which is designed to perform a safety function upon receipt of the control signal, which destroys first user data in the memory, the network-compatible device being inoperable when the first user data is destroyed.
  • the controller is further designed to store the second user data in the memory upon receipt of the configuration signal, which comprises second user data, in order to enable operation the network-compatible device on the basis of the second user data.
  • the network-compatible device can in particular be an infrastructure component which is integrated into a network and can receive data, in particular user data, from the network.
  • the user data can include configurations, passwords, certificates, log files, personal data and/or notes and other user or application-generated data. These data can be subject to operational data protection and/or legal data protection, so that it may be necessary for access to the user data to be regulated, logged and/or restricted using the network-compatible device.
  • the destruction of data can be defined as a non-recoverable deletion of the data.
  • the original data can be prevented from being read out by rewriting the memory segments which contain the data to be destroyed, with, in particular, random data. If the data is destroyed, however, the functionality of the memory can be retained, so that the memory can be written with new user data in order to enable the functionality of the network-compatible device with a new configuration in the form of second user data.
  • the first user data can be stored encrypted in the memory using a cryptographic method, in particular using a cryptographic key, so that the first user data can be destroyed by deleting the cryptographic key. Since access to the first user data is only possible using the cryptographic key, the first user data can no longer be decrypted when the key is deleted and, accordingly, can no longer be restored.
  • the cryptographic key can be stored in a security module of the network-compatible device, for example in a Trusted Platform Module (TPM).
  • TPM Trusted Platform Module
  • the security module can be designed to prevent unauthorized reading of the cryptographic key. Furthermore, the cryptographic key cannot be reconstructed the data stored on the network-compatible device.
  • the controller is designed to encrypt and/or decrypt the first user data using a cryptographic key. Furthermore, the controller can be designed to receive the cryptographic key via a network interface.
  • the memory segments, memory sectors or memory cells can not only be released for reuse in the event of such a secure deletion, but the existing data can be actively removed and or overwritten in order to reduce a security risk.
  • the delete function can be carried out automatically and/or immediately in order to destroy the user data as quickly as possible.
  • the data can be erased without a delay that extends beyond an ordinary signal runtime and/or an ordinary period of time that the erasure itself takes.
  • the signal input is designed to receive a maintenance signal
  • the controller is designed to carry out the safety function if the maintenance signal is not present at the signal input during operation of the network-compatible device.
  • the controller is configured to be configurable in order to configure the signal shape of the maintenance signal to be received by means of the signal input.
  • the network-compatible device can be operated with an individualized maintenance signal in order to prevent further use of the network-compatible device without preventing the individualized maintenance signal.
  • the maintenance signal can be identical, for example, for a group of network-compatible devices of a user, but different with respect to a further group of network-compatible devices of another user.
  • an exchange of network-compatible devices between the users with preservation of the respective user can be prevented.
  • the network-compatible device comprises a user interface, which is connected upstream of the signal input and is designed to record a user input and to make it available to the controller via the signal input, the controller being configurable by means of the user interface and the user interface being designed to generate the control signal and/or the configuration signal.
  • the network-compatible device is configurable.
  • the user interface can detect haptic and/or acoustic input at the installation location of the network-compatible device, so that the network-compatible device can be configured by a user via a key and/or voice input.
  • the user interface can be are electronic interface, which can be controlled by means of an, in particular remotely arranged, electronic access terminal in order to configure the network-compatible device with corresponding control commands.
  • the signal input is a digital input which is designed to receive a coded maintenance signal, the controller being designed to prevent the first user data from being destroyed if the coded maintenance signal is present at the digital input during operation of the network-compatible device.
  • the advantage can be achieved in particular that the replication of the maintenance signal can be prevented. Accordingly, operation of the network-compatible device can be linked to the coded maintenance signal, so that in the event of unauthorized access to the network-compatible device, the first user data cannot be read out and/or the network-compatible device cannot be operated on the basis of the first user data.
  • the coded maintenance signal can further comprise a maintenance message, the controller being designed to evaluate the maintenance message and trigger the security function in accordance with the content, of the maintenance message.
  • the maintenance message can also be encrypted in order to prevent unauthorized access.
  • the network-compatible device comprises a first switching signal input and a second switching signal input, a first switching signal being able to be applied to the first switching signal input and a second switching signal being able to be applied to the second switching signal input.
  • the controller is designed to carry out the safety function when the first switching signal is present at the first switching signal input if the second switching signal is not present at the second switching signal input.
  • the network-compatible device is coupled to a door and/or housing contact via the first switching signal input and/or is coupled to a lock and/or unlocking contact via the second switching signal input.
  • the first switching signal can be present at the first switching signal input, so that the first switching signal indicates access or an approach to the network-compatible device.
  • the housing opening or the door can in particular form the only physical access to the network-compatible device.
  • the second switching signal would also have to be present in order to prevent the safety function from being carried out.
  • the second switching signal can be generated, for example, by a lock or another unlocking unit, with the second switching signal being able to authorize access to the network-compatible device by, for example, opening the door or the housing.
  • the second switching signal would have to be present at the network-compatible device at the same time and/or before the first switching signal, since the controller can be designed to check whether the second switching signal is present when the first switching signal is present. If no second switching signal is detected during the check, the safety function can be triggered.
  • the second switching signal at the lock and/or unlocking contact can be, for example, an authorized unlocking of the lock with a key.
  • the key can be an electronic key or a mechanical key.
  • a first switch is connected to the first switching signal input and a second switch is connected to the second switching signal input, and the first switching signal input can be supplied with the first switching signal via the first switch and the second switching signal input can be supplied with the second switching signal via the second switch.
  • the switches can each be designed as openers or closers.
  • the control can be designed to detect an opening of a first switch when the first switching signal is not present and to check accordingly whether the second switching signal is also not present. If the second switching signal is still present, the second switch has not been opened and the safety function can be triggered.
  • the controller can be designed to continuously monitor the switching signal inputs and to check the signal present at the second switching signal input for a preset switching criterion in the event of a signal change at the first switching signal input and to trigger the safety function in the event of a deviation from the preset switching criterion. Accordingly, the second switching signal is used to validate the first switching signal. If there is an invalid change in the first switching signal in relation to the second switching signal. the safety function can be triggered.
  • the network-compatible device comprises a network interface, the controller being designed to monitor whether the network-compatible device is accessed via the network interface and to perform the security function when an access is determined if the second switching signal is not present at the second switching signal input.
  • the network interface can be a wired interface, which is designed particular to integrate the network-compatible device into a network.
  • the network can in particular meet one of the following standards: TCP/IP, http, https, UDP, Ethernet/IP, PROFINET, EtherCAT, Modbus-TCP, POWERLINK, PROFIBUS DP, Modbus-RTP, CC-Link, CANopen, DeviceNet or others computer-based connections, which can also include fieldbus systems.
  • the network interface can be a wireless interface, in particular a WLAN, NFC or Bluetooth interface and any type of mobile radio.
  • the controller can be designed to also detect unauthorized network access with the monitoring of the second switching signal input and to trigger the safety function accordingly. It may therefore be necessary to ensure before a network access that the second switching signal is present at the second switching signal input in order to prevent the first user data from being destroyed.
  • the network-compatible device comprises a first switching signal output which is connected to the first switch and a second switching signal output which is connected to the second switch, the controller being designed to provide the first switching signal at the first switching signal output and to provide the second switching signal at the second switching signal output.
  • the network-compatible device is independent of external devices and/or signals with regard to the monitoring of the switches.
  • the first switching signal and the second switching signal it is further predefined which signal form is to be expected at the respective switching signal input when the first switch or the second switch is switched.
  • the controller is designed to generate a dynamic, unambiguous signal as the first switching signal and/or as the second switching signal and to compare the signal at the first switching signal input and/or the second switching signal input with the dynamic, unambiguous signal.
  • the controller is also designed to perform the safety function in the event of a signal deviation between the provided dynamic, unambiguous signal and the received switching signal.
  • a dynamic, unambiguous signal can be different, in particular, from dynamic signals of further network-compatible devices.
  • the signal can have a predetermined signal level sequence and/or time-varying signal levels which are suitable for being received at the respective switching signal input in an unchanged manner.
  • the dynamic, unambiguous signal can contain a time stamp and/or time information, so that the dynamic, unambiguous signal can have a limited temporal validity. In this way, for example, the advantage can be achieved that the dynamic, unambiguous signal is not recorded and is supplied to the network-compatible device at a later point in time as a switching signal, since the validity of the switching signal is linked to the time information and/or the time stamp.
  • the network-compatible device comprises a network interface, the controller being designed to send a message to at least one further network-compatible device when the safety function is triggered by means of the network interface, in order to trigger destruction of user data also on the further network-compatible device.
  • this can achieve the advantage that a single, unauthorized access to a network-compatible device of a plurality of network-compatible devices can trigger the execution of the security function on all network-compatible devices that are connected to one another via the network. Accordingly, the user data can be protected on all network-compatible devices.
  • the network-compatible devices can be identically, in particular with regard to the switching signal inputs.
  • a first number of network-compatible devices of the plurality of network-compatible devices can be controlled by at least one network-compatible device by means of a message in order to trigger the security function on the respective network-compatible device of the first number of network-compatible devices.
  • the first number of network-compatible devices can be protected, for example, against unauthorized access to the respective user data if these network-compatible devices do not have their own means for detecting unauthorized access.
  • the message is an individual message which is addressed to a specific further network-compatible device, the individual message comprising an instruction for executing a security function for deleting user data on the further network-compatible device.
  • the network-compatible device can address a group of selected further network-compatible devices and can trigger the execution of the safety function for deleting the respective first user data on these devices.
  • the network-compatible device can be designed to select, on the type of the switching signals detected, on which network-compatible devices the safety function is to be carried out.
  • the message is a broadcast message which is addressed to an indefinite number of further network-compatible devices, the broadcast comprising an instruction for executing a security function for deleting user data on the respective network-compatible device.
  • the controller is designed to monitor the network interface and to receive a message via the network interface, the controller also being designed to carry out the security function when the message is received.
  • the network-compatible device can be designed to receive a broadcast message and/or an individual message via the network interface and to trigger the security function when the respective message is received.
  • the controller can be designed to prevent the safety function from being executed even when a broadcast or individual message is received if the first switching signal is present at the first switching signal input and the second switching signal is present at the second switching signal input.
  • the controller is designed to replace the first user data with standard data when the safety function is carried out, the further operation of the network-compatible device being prevented in the context of the specific application by loading the standard data.
  • FIG. 1 shows a network-compatible device in one example
  • FIG. 2 shows a network-compatible device in one example
  • FIG. 3 shows a network-compatible device in one example.
  • FIG. 1 shows a schematic view of a network-compatible device 100 with a security function for the destruction of user data.
  • the network-compatible device includes a signal input 101 , which is designed to receive control signal and a configuration signal, a memory 103 , which is designed to store first user data, and a controller 105 , which is designed, upon receipt of the control signal, to perform a safety function which destroys the first user data in the memory 103 , the network-capable device 100 being inoperative when the first user data is destroyed.
  • the controller 105 is also designed, upon receipt of the configuration signal, which comprises second user data, to store the second user data in the memory 103 , in order to enable the network compatible device 100 to operate on the basis of the second user data.
  • the signal input 101 is also designed to receive a maintenance signal, and the controller 105 is configured to carry out the safety function if the maintenance signal is not present at the signal input 101 during the operation of the network-compatible device 100 . Furthermore, the controller 105 is configured to be configurable in order to configure the signal shape of the maintenance signal to be received by means of the signal input 101 .
  • the network-compatible device 100 comprises a user interface 107 , which is connected upstream of the signal input 101 and is designed to record a user input and to make it available to the controller 105 via the signal input 101 , the controller 105 being configurable by means of the user interface 107 and the user interface 107 being designed to generate the control signal and/or the configuration signal.
  • the signal input 101 can be a digital input, which is designed to receive a coded maintenance signal, wherein the controller 105 is designed to prevent destruction of the first user data if the coded maintenance signal is present at the digital input during operation of the network-compatible device 100 .
  • FIG. 2 shows a schematic view of a network-capable device 100 , with a signal input 101 , which is designed to receive a control signal and a configuration signal, a memory 103 , which is designed to store first user data, and a controller 105 , which is designed to perform a safety function upon receipt of the control signal, which destroys the first user data in the memory 103 .
  • the network-compatible device 100 further comprises a first switching signal input 109 - 1 and a second switching signal input 109 - 2 , wherein a first switching signal can be applied to the first switching signal input 109 - 1 and a second switching signal can be applied to the second switching signal input 109 - 2 .
  • the controller 105 is also designed to perform the safety function when the first switching signal is applied to the first switching signal input 109 - 1 if the second switching signal present at the second switching signal input 109 - 2 .
  • a first switch 111 - 1 is connected to the first switching signal input 109 - 1 and a second switch 111 - 2 is connected to the second switching signal input 109 - 2 , and the first switching signal input 109 - 1 can be supplied with the first switching signal via the first switch 111 - 1 and the second switching signal input 109 - 2 can be supplied with the second switching signal via the second switch 111 - 2 .
  • the first switching signal and the second switching signal can be provided, for example, by an external signal source.
  • the first switching signal may be different from the second switching signal.
  • FIG. 3 shows a schematic view of a network-compatible device 100 , with a signal input 101 which is designed to receive a control signal and a configuration signal, a memory 103 which is designed to store first user data and a controller 105 which is designed to execute a safety function upon receipt of the control signal, which destroys the first user data in the memory 103 .
  • the network-compatible device 100 further comprises a network interface 113 and the controller 105 is designed to monitor whether access to the network-compatible device 100 takes place via the network interface 113 and to perform the security function upon detection of an access if at the second switching signal input 109 - 2 the second switching signal is not present.
  • the network-compatible device 100 comprises a first switching signal output 115 - 1 , which is connected to the first switch 111 - 1 , and a second switching signal output 115 - 2 , which is connected to the second switch 111 - 2 .
  • the controller 105 is signed to provide the first switching signal at the first switching signal output 115 - 1 and to provide the second switching signal at the second switching signal output 115 - 2 .
  • the controller 105 is also designed to generate a dynamic, unambiguous signal as the first switching and as the second switching signal, and to compare the signal present at the first switching signal input 109 - 1 and the second switching signal input 109 - 2 , respectively, with the dynamic, unambiguous signal. Furthermore, the controller 105 is designed to carry out the safety function in the event of a signal deviation between the provided dynamic, unambiguous signal and the respective switching signal received.
  • the first switch can in particular be a door contact and the second switch can in particular be a door lock contact, wherein a first connection of the door contact and further first connection of the door lock contact can each be supplied with an electrical voltage.
  • the door contact can close and the electrical voltage present at the first switching signal input.
  • the door lock is opened and or actuated, the door look contact can close, so that the electrical voltage is present at the second switching signal input. For example, in this state the same signal can be applied to the first switching signal input and the second switching signal input.
  • the door contact can close in particular if the door is opened independently of the door lock contact.
  • the door contact can close if the door is broken open or otherwise opened without prior actuation of the door lock contact
  • the network-compatible device can in particular be arranged such that physical access to the network-compatible device is not possible without opening the door. Accordingly, the network-compatible device can be protected against unauthorized access via the door contact in conjunction with the door lock contact.
  • the controller 105 is designed to send a message to at least one further network-compatible device 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 when the security function is triggered by means of the network interface 113 , in order to also trigger destruction of user data on the further network-compatible device 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 .
  • the message can be an individual message which is addressed to a specific further network-compatible device 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 , the individual message comprising an instruction for executing a security function for deleting user data on the further network-compatible device 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 .
  • the message can be a broadcast message which is addressed to an indefinite number of further network-compatible devices 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 .
  • the broadcast message comprises an instruction for executing a security function for deleting user data on the respective network-compatible device 301 - 1 , 301 - 2 , 301 - 3 , 301 - 4 .
  • the controller 105 is also designed to replace the first user data standard data when the safety function is carried out, the further operation of the network-compatible device being prevented in the context of the specific application by loading the standard data.
  • the standard data can also be contained in the message transmitted via the network and/or can be stored in the memory 103 during the manufacture of the network-compatible device 100 .
  • the controller 105 can also be designed to generate a confirmation message and to provide via the network interface that the first user data have been destroyed.
  • information about the reason for triggering the safety function can be contained in the message.
US16/992,338 2019-08-19 2020-08-13 Network-compatible device Active 2041-01-13 US11501018B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102019122155.2A DE102019122155A1 (de) 2019-08-19 2019-08-19 Netzwerkfähiges Gerät
DE102019122155.2 2019-08-19

Publications (2)

Publication Number Publication Date
US20210056228A1 US20210056228A1 (en) 2021-02-25
US11501018B2 true US11501018B2 (en) 2022-11-15

Family

ID=74495136

Family Applications (1)

Application Number Title Priority Date Filing Date
US16/992,338 Active 2041-01-13 US11501018B2 (en) 2019-08-19 2020-08-13 Network-compatible device

Country Status (2)

Country Link
US (1) US11501018B2 (de)
DE (1) DE102019122155A1 (de)

Citations (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003075125A2 (en) 2002-03-01 2003-09-12 Enterasys Networks, Inc. Location aware data network
US20110219102A1 (en) 2006-02-15 2011-09-08 Cisco Technology, Inc. Method and System for Network Configuration
US20110231543A1 (en) 2010-03-19 2011-09-22 Fujitsu Limited Network management control program, network management control device, and network management control method
DE102011009054A1 (de) 2011-01-20 2012-07-26 Deutsche Telekom Ag Datenverarbeitungsvorrichtung mit verbesserter Datensicherheit
US20130103641A1 (en) 2011-10-21 2013-04-25 Salesforce.Com, Inc. Monitoring entitlement usage in an on-demand system
US20130269032A1 (en) * 2012-04-09 2013-10-10 Cellnet Innovations, Inc. Detecting Network Intrusion Using a Decoy Cryptographic Key
US20150269805A1 (en) 2012-10-13 2015-09-24 Korala Associates Limited User terminal system and method
US20150293732A1 (en) * 2014-04-10 2015-10-15 Konica Minolta, Inc. Image Forming System, Service Providing Server, Information Processing Terminal, Image Forming Device and Non-Transitory Computer Readable Recording Medium
US20150350218A1 (en) * 2014-06-03 2015-12-03 International Business Machines Corporation Multi-factor secure appliance decommissioning
US20150370656A1 (en) * 2013-01-31 2015-12-24 Technion Research & Development Foundation Limited Management and recovery of distributed storage of replicas
US20160203086A1 (en) * 2015-01-12 2016-07-14 Phison Electronics Corp. Data protection method, memory control circuit unit and memory storage device
US20170116440A1 (en) * 2014-06-27 2017-04-27 Jerry Huang System for data protection in power off mode
US20170126496A1 (en) 2015-11-04 2017-05-04 Cisco Technology, Inc. Automatic provisioning of lisp mobility networks when interconnecting dc fabrics
US20180013722A1 (en) * 2016-07-06 2018-01-11 Eric Enos Distributed firewall device and system
US20190095150A1 (en) * 2017-09-27 2019-03-28 Brother Kogyo Kabushiki Kaisha Image Recording Apparatus
US20200159460A1 (en) * 2018-11-15 2020-05-21 Hewlett Packard Enterprise Development Lp Method and Apparatus for Selective Erase of Persistent and Non-Volatile Memory Devices
US11106386B1 (en) * 2019-05-20 2021-08-31 Amazon Technologies, Inc. Dynamic throttling of capacity reclamation
US20220019369A1 (en) * 2020-07-16 2022-01-20 Blancco Technology Group IP Oy Data erasure of network devices

Patent Citations (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003075125A2 (en) 2002-03-01 2003-09-12 Enterasys Networks, Inc. Location aware data network
US20110219102A1 (en) 2006-02-15 2011-09-08 Cisco Technology, Inc. Method and System for Network Configuration
US20110231543A1 (en) 2010-03-19 2011-09-22 Fujitsu Limited Network management control program, network management control device, and network management control method
DE102011009054A1 (de) 2011-01-20 2012-07-26 Deutsche Telekom Ag Datenverarbeitungsvorrichtung mit verbesserter Datensicherheit
US20130103641A1 (en) 2011-10-21 2013-04-25 Salesforce.Com, Inc. Monitoring entitlement usage in an on-demand system
US20130269032A1 (en) * 2012-04-09 2013-10-10 Cellnet Innovations, Inc. Detecting Network Intrusion Using a Decoy Cryptographic Key
US20150269805A1 (en) 2012-10-13 2015-09-24 Korala Associates Limited User terminal system and method
US20150370656A1 (en) * 2013-01-31 2015-12-24 Technion Research & Development Foundation Limited Management and recovery of distributed storage of replicas
US20150293732A1 (en) * 2014-04-10 2015-10-15 Konica Minolta, Inc. Image Forming System, Service Providing Server, Information Processing Terminal, Image Forming Device and Non-Transitory Computer Readable Recording Medium
US20150350218A1 (en) * 2014-06-03 2015-12-03 International Business Machines Corporation Multi-factor secure appliance decommissioning
US20170116440A1 (en) * 2014-06-27 2017-04-27 Jerry Huang System for data protection in power off mode
US20160203086A1 (en) * 2015-01-12 2016-07-14 Phison Electronics Corp. Data protection method, memory control circuit unit and memory storage device
US20170126496A1 (en) 2015-11-04 2017-05-04 Cisco Technology, Inc. Automatic provisioning of lisp mobility networks when interconnecting dc fabrics
US20180013722A1 (en) * 2016-07-06 2018-01-11 Eric Enos Distributed firewall device and system
US20190095150A1 (en) * 2017-09-27 2019-03-28 Brother Kogyo Kabushiki Kaisha Image Recording Apparatus
US20200159460A1 (en) * 2018-11-15 2020-05-21 Hewlett Packard Enterprise Development Lp Method and Apparatus for Selective Erase of Persistent and Non-Volatile Memory Devices
US11106386B1 (en) * 2019-05-20 2021-08-31 Amazon Technologies, Inc. Dynamic throttling of capacity reclamation
US20220019369A1 (en) * 2020-07-16 2022-01-20 Blancco Technology Group IP Oy Data erasure of network devices

Also Published As

Publication number Publication date
CN112395652A (zh) 2021-02-23
US20210056228A1 (en) 2021-02-25
DE102019122155A1 (de) 2021-02-25

Similar Documents

Publication Publication Date Title
US8006101B2 (en) Radio transceiver or other encryption device having secure tamper-detection module
US9298917B2 (en) Enhanced security SCADA systems and methods
US8479288B2 (en) Method and system for providing a honeypot mode for an electronic device
CN100484159C (zh) 便携式信息终端和数据保护方法
US9674164B2 (en) Method for managing keys in a manipulation-proof manner
KR20060132996A (ko) 휴대통신기기 보안장치 및 방법
CN103946856A (zh) 加解密处理方法、装置和设备
US11755719B2 (en) Interface for a hardware security module
EP1967977A2 (de) Verfahren und Vorrichtung zum Schützen eines Flash-Speichers
CN101441601A (zh) 一种硬盘ata指令的加密传输的方法
WO2016093260A1 (ja) 情報処理装置
CN110298939B (zh) 锁定电气设备的功能的方法和实施该方法的电气设备
US11501018B2 (en) Network-compatible device
CN109657490B (zh) 一种办公文件透明加解密方法及系统
JP6437457B2 (ja) 制御および調節ユニットのシステム状態の不正操作を識別する装置および該装置を含む核技術設備
CA2593991C (en) Method and system for providing a honeypot mode for an electronic device
CN112395652B (zh) 网络兼容装置
JP2008065678A (ja) 機器の制御システム、制御装置およびプログラムの保護方法
BR102016013149A2 (pt) Bluetooth cell phone access control system
CN101930523B (zh) 文档保护系统及方法
US11163900B2 (en) Data processing means and method for operating the same
US20220334749A1 (en) Systems and methods for purging data from memory
LU101363B1 (de) Netzwerkfähiges Gerät
KR20030001725A (ko) 보안 유지가 가능한 휴대 정보단말기 및 그 보안 유지 방법
JP6657166B2 (ja) ストレージ制御装置およびストレージ制御方法

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

AS Assignment

Owner name: PHOENIX CONTACT GMBH & CO. KG, GERMANY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BOYSEN, GERRIT;FUSS, ANDREAS;HILGENKAMP, INGO;SIGNING DATES FROM 20200907 TO 20200924;REEL/FRAME:054301/0812

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPP Information on status: patent application and granting procedure in general

Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCF Information on status: patent grant

Free format text: PATENTED CASE